Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,300
Erlang
31
GitHub Actions
21
Go
2,069
Maven
5,000+
npm
3,744
NuGet
668
pip
3,429
Pub
12
RubyGems
892
Rust
880
Swift
36
Unreviewed advisories
All unreviewed
5,000+

365 advisories

Loading
Malformed S2 Nonce Get command classes can be sent to crash the gateway. A hard reset is... High Unreviewed
CVE-2024-3052 was published Apr 27, 2024
Mattermost crashes web clients via a malformed custom status Moderate
CVE-2024-4182 was published for github.com/mattermost/mattermost-server (Go) Apr 26, 2024
An Improper Check for Unusual or Exceptional Conditions vulnerability in the Layer 2 Address... Moderate Unreviewed
CVE-2024-30402 was published Apr 12, 2024
An Improper Check for Unusual or Exceptional Conditions vulnerability in the the Public Key... High Unreviewed
CVE-2024-30397 was published Apr 12, 2024
An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding... Moderate Unreviewed
CVE-2024-30384 was published Apr 12, 2024
An Improper Check for Unusual or Exceptional Conditions vulnerability in telemetry processing of... Moderate Unreviewed
CVE-2024-30409 was published Apr 12, 2024
In ngmm, there is a possible undefined behavior due to incorrect error handling. This could lead... Moderate Unreviewed
CVE-2023-52534 was published Apr 8, 2024
HPACK decoder panics on invalid input High
GHSA-w7hm-hmxv-pvhf was published for hpack (Rust) Apr 5, 2024
glx_pbuffer.c in Mesa 23.0.4 was discovered to contain a segmentation violation when calling... Moderate Unreviewed
CVE-2023-45922 was published Mar 27, 2024
In pq, there is a possible write-what-where condition due to an incorrect bounds check. This... Moderate Unreviewed
CVE-2024-20037 was published Mar 4, 2024
In the Linux kernel, the following vulnerability has been resolved: net/sched: act_ct: fix wild... High Unreviewed
CVE-2021-47014 was published Feb 28, 2024
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix panic during... Moderate Unreviewed
CVE-2021-47007 was published Feb 28, 2024
In the Linux kernel, the following vulnerability has been resolved: i2c: validate user data in... Low Unreviewed
CVE-2021-46934 was published Feb 27, 2024
In the Linux kernel, the following vulnerability has been resolved: ARM: footbridge: fix PCI... Moderate Unreviewed
CVE-2021-46909 was published Feb 27, 2024
Malformed S2 Nonce Get Command Class packets can be sent to crash PC Controller v5.54.0 and... Moderate Unreviewed
CVE-2023-6640 was published Feb 21, 2024
The incorrect object was checked for NULL in the built-in profiler, potentially leading to... Moderate Unreviewed
CVE-2024-1556 was published Feb 20, 2024
XSS sidekiq-unique-jobs UI server vulnerability High
CVE-2024-25122 was published for sidekiq-unique-jobs (RubyGems) Feb 13, 2024
pboling Earlopain
create_empty_lvol in drivers/mtd/ubi/vtbl.c in the Linux kernel through 6.7.4 can attempt to... Moderate Unreviewed
CVE-2024-25739 was published Feb 12, 2024
dm_table_create in drivers/md/dm-table.c in the Linux kernel through 6.7.4 can attempt to (in... Moderate Unreviewed
CVE-2023-52429 was published Feb 12, 2024
Prior to v7.4.0, Ember ZNet is vulnerable to a denial of service attack through manipulation of... High Unreviewed
CVE-2023-6874 was published Feb 5, 2024
moby docker daemon crash during image pull of malicious image Moderate
CVE-2021-21285 was published for github.com/moby/moby (Go) Jan 31, 2024
bgeesaman joshlarsen
IanColdwater mauilion raesene cpuguy83 neersighted
BuildKit vulnerable to possible panic when incorrect parameters sent from frontend Moderate
CVE-2024-23650 was published for github.com/moby/buildkit (Go) Jan 31, 2024
cpuguy83
Vyper's raw_call `value=` kwargs not disabled for static and delegate calls Moderate
CVE-2024-24567 was published for vyper (pip) Jan 30, 2024
cyberthirst pcaversaccio
kuroi8 0xdeadbeef0x
Vulnerability of improper checking for unusual or exceptional conditions in Lamassu Bitcoin ATM... Moderate Unreviewed
CVE-2024-0675 was published Jan 30, 2024
AVEVA PI Server versions 2023 and 2018 SP3 P05 and prior contain a vulnerability that could... High Unreviewed
CVE-2023-34348 was published Jan 18, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database